The Uploader

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2011-2944	Megalab The Uploader		0.03	—	0.03		Aug 12, 2014	SQL injection vulnerability in login.php in MegaLab The Uploader before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-4816	Megalab The Uploader		0.03	—	0.03		Apr 27, 2010	Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

CVE-2011-2944Aug 12, 2014
Megalab
The Uploader
risk 0.03cvss —epss 0.03
SQL injection vulnerability in login.php in MegaLab The Uploader before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-4816Apr 27, 2010
Megalab
The Uploader
risk 0.03cvss —epss 0.03
Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.